BrakTooth Flaws Affect Billions of Bluetooth Devices

Privacy advocates and cryptographers reacted strongly to Apple's August announcement that it would inspect customer devices for child sexual abuse material. Faced with such a backlash, Apple announced Friday that it would not change its position, at least for the moment. Apple hasn’t changed its mind completely, but many critics felt relieved that the company was taking more time to listen to their concerns before launching the system live.
Hundreds of thousands remain without power in Louisiana after Hurricane Ida. We looked at the process of getting power back on in New Orleans, as well as how long it can take to get everyone back online.

All who celebrate Labor Day a happy weekend! Except for ransomware hackers and ransomware gangs, who use weekends and holidays to inflict maximum suffering on targets who are likely short-staffed and distracted. Most ransomware attacks of the year were committed before Mother's Day and Memorial Day. Just like clockwork, US Cyber Command issued a warning just a few days after this story was published about a "mass exploit" of a vulnerability in Atlassian's remote management software. Hope you got your patches done! To help you avoid getting hacked, we have a guide for you from WIRED UK.

There's more! Every week, we bring you all the security news WIRED hasn't covered in depth. To read the complete stories, click on the headlines. Stay safe out there.

We've already written many times about major Bluetooth flaws. BrakTooth is a new set if flaws that should not be taken as a surprise. It should not be ignored. The vulnerabilities could lead to many outcomes, including the possibility of malware being executed on a device. An attacker could use the flaws to cause a Bluetooth device to be hacked. This is a much less dangerous but still irritating possibility. It's difficult to estimate the number of potential targets, given the large number of affected companies. BrakTooth is now added to this alarming list.

SpyFone, a company that sells surveillance software, was banned by the FTC this week. This is a first for FTC. SpyFone was also ordered by the FTC to notify all users of the spyware on their devices. This app, along with others similar to it, can allow stalkers and abusers to view victim's photos and texts as well as their location. The FTC directed the company to destroy any information that it might still have on its servers. Spyware is still a thriving industry, so there should be no shortage of enforcement opportunities for the FTC.

Talk about enforcement! The Data Protection Commission in Ireland fined WhatsApp an equivalent of $270 million for failing to properly inform EU residents about its data use. This ruling concerns WhatsApp's practice of sharing user data to parent company Facebook. Many people were shocked to learn that the secure messaging platform finally updated its privacy policy in early 2018. WhatsApp now has three months to comply with the EU's General Data Protection Regulation. WhatsApp has stated that it will appeal this decision.

Hackers love the OMG cable. It was first introduced in 2019. Although it looks just like a Lightning cable, hackers can connect to any device it plugs into. They can then install malware, steal data, and record keystrokes. This week's latest version is available in two new formats: Lightning to USBC and USB–C to USB–C. It also has geofencing and a wider range. This is not a reason to only use cables from trusted sources.

Here are more great WIRED stories